The Simda obfuscator is somewhat irritating as it is multistaged. Drivers and DLLs weren't updated since March 2011. The only thing they change is the upper obfuscation layer.

1) original_rootkit_driver -> decrypt second stage procedures (implemented as a second native PE file), can be decrypted in a user mode debugger. Or break in WinDbg at Simda driver entry and trace until "call eax".